1 const char miscutil_rcs[] = "$Id: miscutil.c,v 1.49 2007/05/11 11:48:15 fabiankeil Exp $";
2 /*********************************************************************
4 * File : $Source: /cvsroot/ijbswa/current/miscutil.c,v $
6 * Purpose : zalloc, hash_string, safe_strerror, strcmpic,
7 * strncmpic, chomp, and MinGW32 strdup
9 * These are each too small to deserve their own file
10 * but don't really fit in any other file.
12 * Copyright : Written by and Copyright (C) 2001-2007
13 * the SourceForge Privoxy team. http://www.privoxy.org/
15 * Based on the Internet Junkbuster originally written
16 * by and Copyright (C) 1997 Anonymous Coders and
17 * Junkbusters Corporation. http://www.junkbusters.com
19 * The timegm replacement function was taken from GnuPG,
20 * Copyright (C) 2004 Free Software Foundation, Inc.
22 * The snprintf replacement function is written by
23 * Mark Martinec who also holds the copyright. It can be
24 * used under the terms of the GPL or the terms of the
25 * "Frontier Artistic License".
27 * This program is free software; you can redistribute it
28 * and/or modify it under the terms of the GNU General
29 * Public License as published by the Free Software
30 * Foundation; either version 2 of the License, or (at
31 * your option) any later version.
33 * This program is distributed in the hope that it will
34 * be useful, but WITHOUT ANY WARRANTY; without even the
35 * implied warranty of MERCHANTABILITY or FITNESS FOR A
36 * PARTICULAR PURPOSE. See the GNU General Public
37 * License for more details.
39 * The GNU General Public License should be included with
40 * this file. If not, you can view it at
41 * http://www.gnu.org/copyleft/gpl.html
42 * or write to the Free Software Foundation, Inc., 59
43 * Temple Place - Suite 330, Boston, MA 02111-1307, USA.
46 * $Log: miscutil.c,v $
47 * Revision 1.49 2007/05/11 11:48:15 fabiankeil
48 * - Delete strsav() which was replaced
49 * by string_append() years ago.
50 * - Add a strlcat() look-alike.
51 * - Use strlcat() and strlcpy() in those parts
52 * of the code that are run on unixes.
54 * Revision 1.48 2007/04/09 17:48:51 fabiankeil
55 * Check for HAVE_SNPRINTF instead of __OS2__
56 * before including the portable snprintf() code.
58 * Revision 1.47 2007/03/17 11:52:15 fabiankeil
59 * - Use snprintf instead of sprintf.
60 * - Mention copyright for the replacement
61 * functions in the copyright header.
63 * Revision 1.46 2007/01/18 15:03:20 fabiankeil
64 * Don't include replacement timegm() if
65 * putenv() or tzset() isn't available.
67 * Revision 1.45 2006/12/26 17:31:41 fabiankeil
68 * Mutex protect rand() if POSIX threading
69 * is used, warn the user if that's not possible
70 * and stop using it on _WIN32 where it could
73 * Revision 1.44 2006/11/07 12:46:43 fabiankeil
74 * Silence compiler warning on NetBSD 3.1.
76 * Revision 1.43 2006/09/23 13:26:38 roro
77 * Replace TABs by spaces in source code.
79 * Revision 1.42 2006/09/09 14:01:45 fabiankeil
80 * Integrated Oliver Yeoh's domain pattern fix
81 * to make sure *x matches xx. Closes Patch 1217393
84 * Revision 1.41 2006/08/18 16:03:17 david__schmidt
85 * Tweak for OS/2 build happiness.
87 * Revision 1.40 2006/08/17 17:15:10 fabiankeil
88 * - Back to timegm() using GnuPG's replacement if necessary.
89 * Using mktime() and localtime() could add a on hour offset if
90 * the randomize factor was big enough to lead to a summer/wintertime
93 * - Removed now-useless Privoxy 3.0.3 compatibility glue.
95 * - Moved randomization code into pick_from_range().
97 * - Changed parse_header_time definition.
98 * time_t isn't guaranteed to be signed and
99 * if it isn't, -1 isn't available as error code.
100 * Changed some variable types in client_if_modified_since()
101 * because of the same reason.
103 * Revision 1.39 2006/07/18 14:48:46 david__schmidt
104 * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
105 * with what was really the latest development (the v_3_0_branch branch)
107 * Revision 1.37.2.4 2003/12/01 14:45:14 oes
108 * Fixed two more problems with wildcarding in simplematch()
110 * Revision 1.37.2.3 2003/11/20 11:39:24 oes
111 * Bugfix: The "?" wildcard for domain names had never been implemented. Ooops\!
113 * Revision 1.37.2.2 2002/11/12 14:28:18 oes
114 * Proper backtracking in simplematch; fixes bug #632888
116 * Revision 1.37.2.1 2002/09/25 12:58:51 oes
117 * Made strcmpic and strncmpic safe against NULL arguments
118 * (which are now treated as empty strings).
120 * Revision 1.37 2002/04/26 18:29:43 jongfoster
121 * Fixing this Visual C++ warning:
122 * miscutil.c(710) : warning C4090: '=' : different 'const' qualifiers
124 * Revision 1.36 2002/04/26 12:55:38 oes
125 * New function string_toupper
127 * Revision 1.35 2002/03/26 22:29:55 swa
128 * we have a new homepage!
130 * Revision 1.34 2002/03/24 13:25:43 swa
131 * name change related issues
133 * Revision 1.33 2002/03/07 03:46:53 oes
134 * Fixed compiler warnings etc
136 * Revision 1.32 2002/03/06 23:02:57 jongfoster
139 * Revision 1.31 2002/03/05 04:52:42 oes
140 * Deleted non-errlog debugging code
142 * Revision 1.30 2002/03/04 18:27:42 oes
143 * - Deleted deletePidFile
144 * - Made write_pid_file use the --pidfile option value
145 * (or no PID file, if the option was absent)
146 * - Played styleguide police
148 * Revision 1.29 2002/03/04 02:08:02 david__schmidt
149 * Enable web editing of actions file on OS/2 (it had been broken all this time!)
151 * Revision 1.28 2002/03/03 09:18:03 joergs
152 * Made jumbjuster work on AmigaOS again.
154 * Revision 1.27 2002/01/21 00:52:32 jongfoster
155 * Adding string_join()
157 * Revision 1.26 2001/12/30 14:07:32 steudten
158 * - Add signal handling (unix)
159 * - Add SIGHUP handler (unix)
160 * - Add creation of pidfile (unix)
161 * - Add action 'top' in rc file (RH)
162 * - Add entry 'SIGNALS' to manpage
163 * - Add exit message to logfile (unix)
165 * Revision 1.25 2001/11/13 00:16:38 jongfoster
166 * Replacing references to malloc.h with the standard stdlib.h
167 * (See ANSI or K&R 2nd Ed)
169 * Revision 1.24 2001/11/05 21:41:43 steudten
170 * Add changes to be a real daemon just for unix os.
171 * (change cwd to /, detach from controlling tty, set
172 * process group and session leader to the own process.
174 * Add some fatal-error log message for failed malloc().
175 * Add '-d' if compiled with 'configure --with-debug' to
176 * enable debug output.
178 * Revision 1.23 2001/10/29 03:48:10 david__schmidt
179 * OS/2 native needed a snprintf() routine. Added one to miscutil, brackedted
180 * by and __OS2__ ifdef.
182 * Revision 1.22 2001/10/26 17:39:38 oes
183 * Moved ijb_isspace and ijb_tolower to project.h
185 * Revision 1.21 2001/10/23 21:27:50 jongfoster
186 * Standardising error codes in string_append
187 * make_path() no longer adds '\\' if the dir already ends in '\\' (this
188 * is just copying a UNIX-specific fix to the Windows-specific part)
190 * Revision 1.20 2001/10/22 15:33:56 david__schmidt
191 * Special-cased OS/2 out of the Netscape-abort-on-404-in-js problem in
192 * filters.c. Added a FIXME in front of the offending code. I'll gladly
193 * put in a better/more robust fix for all parties if one is presented...
194 * It seems that just returning 200 instead of 404 would pretty much fix
195 * it for everyone, but I don't know all the history of the problem.
197 * Revision 1.19 2001/10/14 22:02:57 jongfoster
198 * New function string_append() which is like strsav(), but running
199 * out of memory isn't automatically FATAL.
201 * Revision 1.18 2001/09/20 13:33:43 steudten
203 * change long to int as return value in hash_string(). Remember the wraparound
204 * for int = long = sizeof(4) - thats maybe not what we want.
206 * Revision 1.17 2001/09/13 20:51:29 jongfoster
207 * Fixing potential problems with characters >=128 in simplematch()
208 * This was also a compiler warning.
210 * Revision 1.16 2001/09/10 10:56:59 oes
211 * Silenced compiler warnings
213 * Revision 1.15 2001/07/13 14:02:24 oes
214 * Removed vim-settings
216 * Revision 1.14 2001/06/29 21:45:41 oes
217 * Indentation, CRLF->LF, Tab-> Space
219 * Revision 1.13 2001/06/29 13:32:14 oes
220 * Removed logentry from cancelled commit
222 * Revision 1.12 2001/06/09 10:55:28 jongfoster
223 * Changing BUFSIZ ==> BUFFER_SIZE
225 * Revision 1.11 2001/06/07 23:09:19 jongfoster
226 * Cosmetic indentation changes.
228 * Revision 1.10 2001/06/07 14:51:38 joergs
229 * make_path() no longer adds '/' if the dir already ends in '/'.
231 * Revision 1.9 2001/06/07 14:43:17 swa
232 * slight mistake in make_path, unix path style is /.
234 * Revision 1.8 2001/06/05 22:32:01 jongfoster
235 * New function make_path() to splice directory and file names together.
237 * Revision 1.7 2001/06/03 19:12:30 oes
238 * introduced bindup()
240 * Revision 1.6 2001/06/01 18:14:49 jongfoster
241 * Changing the calls to strerr() to check HAVE_STRERR (which is defined
242 * in config.h if appropriate) rather than the NO_STRERR macro.
244 * Revision 1.5 2001/06/01 10:31:51 oes
245 * Added character class matching to trivimatch; renamed to simplematch
247 * Revision 1.4 2001/05/31 17:32:31 oes
249 * - Enhanced domain part globbing with infix and prefix asterisk
250 * matching and optional unanchored operation
252 * Revision 1.3 2001/05/29 23:10:09 oes
255 * - Introduced chomp()
256 * - Moved strsav() from showargs to miscutil
258 * Revision 1.2 2001/05/29 09:50:24 jongfoster
259 * Unified blocklist/imagelist/permissionslist.
260 * File format is still under discussion, but the internal changes
263 * Also modified interceptor behaviour:
264 * - We now intercept all URLs beginning with one of the following
265 * prefixes (and *only* these prefixes):
267 * * http://ijbswa.sf.net/config/
268 * * http://ijbswa.sourceforge.net/config/
269 * - New interceptors "home page" - go to http://i.j.b/ to see it.
270 * - Internal changes so that intercepted and fast redirect pages
271 * are not replaced with an image.
272 * - Interceptors now have the option to send a binary page direct
273 * to the client. (i.e. ijb-send-banner uses this)
274 * - Implemented show-url-info interceptor. (Which is why I needed
275 * the above interceptors changes - a typical URL is
276 * "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
277 * The previous mechanism would not have intercepted that, and
278 * if it had been intercepted then it then it would have replaced
281 * Revision 1.1.1.1 2001/05/15 13:59:00 oes
282 * Initial import of version 2.9.3 source tree
285 *********************************************************************/
291 #include <sys/types.h>
293 #if !defined(_WIN32) && !defined(__OS2__)
295 #endif /* #if !defined(_WIN32) && !defined(__OS2__) */
300 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
302 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
305 #include "miscutil.h"
309 const char miscutil_h_rcs[] = MISCUTIL_H_VERSION;
311 /*********************************************************************
315 * Description : Malloc some memory and set it to '\0'.
316 * The way calloc() ought to be -acjc
319 * 1 : size = Size of memory chunk to return.
321 * Returns : Pointer to newly malloc'd memory chunk.
323 *********************************************************************/
324 void *zalloc(size_t size)
328 if ((ret = (void *)malloc(size)) != NULL)
330 memset(ret, 0, size);
339 /*********************************************************************
341 * Function : write_pid_file
343 * Description : Writes a pid file with the pid of the main process
349 *********************************************************************/
350 void write_pid_file(void)
355 * If no --pidfile option was given,
356 * we can live without one.
358 if (pidfile == NULL) return;
360 if ((fp = fopen(pidfile, "w")) == NULL)
362 log_error(LOG_LEVEL_INFO, "can't open pidfile '%s': %E", pidfile);
366 fprintf(fp, "%u\n", (unsigned int) getpid());
372 #endif /* def unix */
375 /*********************************************************************
377 * Function : hash_string
379 * Description : Take a string and compute a (hopefuly) unique numeric
380 * integer value. This has several uses, but being able
381 * to "switch" a string the one of my favorites.
384 * 1 : s : string to be hashed.
386 * Returns : an unsigned long variable with the hashed value.
388 *********************************************************************/
389 unsigned int hash_string( const char* s )
395 h = 5 * h + (unsigned int)*s;
404 /*********************************************************************
408 * Description : For some reason (which is beyond me), gcc and WIN32
409 * don't like strdup. When a "free" is executed on a
410 * strdup'd ptr, it can at times freez up! So I just
411 * replaced it and problem was solved.
414 * 1 : s = string to duplicate
416 * Returns : Pointer to newly malloc'ed copy of the string.
418 *********************************************************************/
419 char *strdup( const char *s )
421 char * result = (char *)malloc( strlen(s)+1 );
431 #endif /* def __MINGW32__ */
435 /*********************************************************************
437 * Function : safe_strerror
439 * Description : Variant of the library routine strerror() which will
440 * work on systems without the library routine, and
441 * which should never return NULL.
444 * 1 : err = the `errno' of the last operation.
446 * Returns : An "English" string of the last `errno'. Allocated
447 * with strdup(), so caller frees. May be NULL if the
448 * system is out of memory.
450 *********************************************************************/
451 char *safe_strerror(int err)
454 char buf[BUFFER_SIZE];
459 #endif /* HAVE_STRERROR */
463 snprintf(buf, sizeof(buf), "(errno = %d)", err);
472 /*********************************************************************
474 * Function : strcmpic
476 * Description : Case insensitive string comparison
479 * 1 : s1 = string 1 to compare
480 * 2 : s2 = string 2 to compare
482 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
484 *********************************************************************/
485 int strcmpic(const char *s1, const char *s2)
492 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
498 return(ijb_tolower(*s1) - ijb_tolower(*s2));
503 /*********************************************************************
505 * Function : strncmpic
507 * Description : Case insensitive string comparison (upto n characters)
510 * 1 : s1 = string 1 to compare
511 * 2 : s2 = string 2 to compare
512 * 3 : n = maximum characters to compare
514 * Returns : 0 if s1==s2, Negative if s1<s2, Positive if s1>s2
516 *********************************************************************/
517 int strncmpic(const char *s1, const char *s2, size_t n)
519 if (n <= 0) return(0);
525 if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
534 return(ijb_tolower(*s1) - ijb_tolower(*s2));
539 /*********************************************************************
543 * Description : In-situ-eliminate all leading and trailing whitespace
547 * 1 : s : string to be chomped.
549 * Returns : chomped string
551 *********************************************************************/
552 char *chomp(char *string)
557 * strip trailing whitespace
559 p = string + strlen(string);
560 while (p > string && ijb_isspace(*(p-1)))
567 * find end of leading whitespace
570 while (*q && ijb_isspace(*q))
576 * if there was any, move the rest forwards
591 /*********************************************************************
593 * Function : string_append
595 * Description : Reallocate target_string and append text to it.
596 * This makes it easier to append to malloc'd strings.
597 * This is similar to the (removed) strsav(), but
598 * running out of memory isn't catastrophic.
602 * The following style provides sufficient error
603 * checking for this routine, with minimal clutter
604 * in the source code. It is recommended if you
605 * have many calls to this function:
607 * char * s = strdup(...); // don't check for error
608 * string_append(&s, ...); // don't check for error
609 * string_append(&s, ...); // don't check for error
610 * string_append(&s, ...); // don't check for error
611 * if (NULL == s) { ... handle error ... }
615 * char * s = strdup(...); // don't check for error
616 * string_append(&s, ...); // don't check for error
617 * string_append(&s, ...); // don't check for error
618 * if (string_append(&s, ...)) {... handle error ...}
621 * 1 : target_string = Pointer to old text that is to be
622 * extended. *target_string will be free()d by this
623 * routine. target_string must be non-NULL.
624 * If *target_string is NULL, this routine will
625 * do nothing and return with an error - this allows
626 * you to make many calls to this routine and only
627 * check for errors after the last one.
628 * 2 : text_to_append = Text to be appended to old.
631 * Returns : JB_ERR_OK on success, and sets *target_string
632 * to newly malloc'ed appended string. Caller
633 * must free(*target_string).
634 * JB_ERR_MEMORY on out-of-memory. (And free()s
635 * *target_string and sets it to NULL).
636 * JB_ERR_MEMORY if *target_string is NULL.
638 *********************************************************************/
639 jb_err string_append(char **target_string, const char *text_to_append)
645 assert(target_string);
646 assert(text_to_append);
648 if (*target_string == NULL)
650 return JB_ERR_MEMORY;
653 if (*text_to_append == '\0')
658 old_len = strlen(*target_string);
660 new_size = strlen(text_to_append) + old_len + 1;
662 if (NULL == (new_string = realloc(*target_string, new_size)))
664 free(*target_string);
666 *target_string = NULL;
667 return JB_ERR_MEMORY;
670 strlcpy(new_string + old_len, text_to_append, new_size - old_len);
672 *target_string = new_string;
677 /*********************************************************************
679 * Function : string_join
681 * Description : Join two strings together. Frees BOTH the original
682 * strings. If either or both input strings are NULL,
683 * fails as if it had run out of memory.
685 * For comparison, string_append requires that the
686 * second string is non-NULL, and doesn't free it.
688 * Rationale: Too often, we want to do
689 * string_append(s, html_encode(s2)). That assert()s
690 * if s2 is NULL or if html_encode() runs out of memory.
691 * It also leaks memory. Proper checking is cumbersome.
692 * The solution: string_join(s, html_encode(s2)) is safe,
693 * and will free the memory allocated by html_encode().
696 * 1 : target_string = Pointer to old text that is to be
697 * extended. *target_string will be free()d by this
698 * routine. target_string must be non-NULL.
699 * 2 : text_to_append = Text to be appended to old.
701 * Returns : JB_ERR_OK on success, and sets *target_string
702 * to newly malloc'ed appended string. Caller
703 * must free(*target_string).
704 * JB_ERR_MEMORY on out-of-memory, or if
705 * *target_string or text_to_append is NULL. (In
706 * this case, frees *target_string and text_to_append,
707 * sets *target_string to NULL).
709 *********************************************************************/
710 jb_err string_join(char **target_string, char *text_to_append)
714 assert(target_string);
716 if (text_to_append == NULL)
718 freez(*target_string);
719 return JB_ERR_MEMORY;
722 err = string_append(target_string, text_to_append);
724 free(text_to_append);
730 /*********************************************************************
732 * Function : string_toupper
734 * Description : Produce a copy of string with all convertible
735 * characters converted to uppercase.
738 * 1 : string = string to convert
740 * Returns : Uppercase copy of string if possible,
741 * NULL on out-of-memory or if string was NULL.
743 *********************************************************************/
744 char *string_toupper(const char *string)
749 if (!string || ((result = (char *) zalloc(strlen(string) + 1)) == NULL))
759 *p++ = toupper((int) *q++);
767 /*********************************************************************
769 * Function : simplematch
771 * Description : String matching, with a (greedy) '*' wildcard that
772 * stands for zero or more arbitrary characters and
773 * character classes in [], which take both enumerations
777 * 1 : pattern = pattern for matching
778 * 2 : text = text to be matched
780 * Returns : 0 if match, else nonzero
782 *********************************************************************/
783 int simplematch(char *pattern, char *text)
785 unsigned char *pat = (unsigned char *) pattern;
786 unsigned char *txt = (unsigned char *) text;
787 unsigned char *fallback = pat;
790 unsigned char lastchar = 'a';
792 unsigned char charmap[32];
797 /* EOF pattern but !EOF text? */
810 /* '*' in the pattern? */
814 /* The pattern ends afterwards? Speed up the return. */
820 /* Else, set wildcard mode and remember position after '*' */
825 /* Character range specification? */
828 memset(charmap, '\0', sizeof(charmap));
830 while (*++pat != ']')
836 else if (*pat == '-')
838 if ((*++pat == ']') || *pat == '\0')
842 for(i = lastchar; i <= *pat; i++)
844 charmap[i / 8] |= (1 << (i % 8));
849 charmap[*pat / 8] |= (1 << (*pat % 8));
853 } /* -END- if Character range specification */
857 * Char match, or char range match?
861 || ((*pat == ']') && (charmap[*txt / 8] & (1 << (*txt % 8)))) )
871 * No match && no wildcard: No luck
875 else if (pat != fallback)
878 * Increment text pointer if in char range matching
885 * Wildcard mode && nonmatch beyond fallback: Rewind pattern
889 * Restart matching from current text pointer
896 /* Cut off extra '*'s */
897 if(*pat == '*') pat++;
899 /* If this is the pattern's end, fine! */
905 /*********************************************************************
909 * Description : Duplicate the first n characters of a string that may
910 * contain '\0' characters.
913 * 1 : string = string to be duplicated
914 * 2 : len = number of bytes to duplicate
916 * Returns : pointer to copy, or NULL if failiure
918 *********************************************************************/
919 char *bindup(const char *string, size_t len)
923 if (NULL == (duplicate = (char *)malloc(len)))
929 memcpy(duplicate, string, len);
937 /*********************************************************************
939 * Function : make_path
941 * Description : Takes a directory name and a file name, returns
942 * the complete path. Handles windows/unix differences.
943 * If the file name is already an absolute path, or if
944 * the directory name is NULL or empty, it returns
948 * 1 : dir: Name of directory or NULL for none.
949 * 2 : file: Name of file. Should not be NULL or empty.
951 * Returns : "dir/file" (Or on windows, "dir\file").
952 * It allocates the string on the heap. Caller frees.
953 * Returns NULL in error (i.e. NULL file or out of
956 *********************************************************************/
957 char * make_path(const char * dir, const char * file)
968 strncpy(path,dir+2,512);
972 strncpy(path,dir+1,512);
977 strncpy(path,dir,512);
985 if(AddPart(path,file,512))
993 #else /* ndef AMIGA */
995 if ((file == NULL) || (*file == '\0'))
997 return NULL; /* Error */
1000 if ((dir == NULL) || (*dir == '\0') /* No directory specified */
1001 #if defined(_WIN32) || defined(__OS2__)
1002 || (*file == '\\') || (file[1] == ':') /* Absolute path (DOS) */
1003 #else /* ifndef _WIN32 || __OS2__ */
1004 || (*file == '/') /* Absolute path (U*ix) */
1005 #endif /* ifndef _WIN32 || __OS2__ */
1008 return strdup(file);
1013 size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */
1016 if ( *dir != '/' && basedir && *basedir )
1019 * Relative path, so start with the base directory.
1021 path_size += strlen(basedir) + 1; /* +1 for the slash */
1022 path = malloc(path_size);
1023 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
1024 strlcpy(path, basedir, path_size);
1025 strlcat(path, "/", path_size);
1026 strlcat(path, dir, path_size);
1029 #endif /* defined unix */
1031 path = malloc(path_size);
1032 if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
1033 strlcpy(path, dir, path_size);
1036 #if defined(_WIN32) || defined(__OS2__)
1037 if(path[strlen(path)-1] != '\\')
1039 strlcat(path, "\\", path_size);
1041 #else /* ifndef _WIN32 || __OS2__ */
1042 if(path[strlen(path)-1] != '/')
1044 strlcat(path, "/", path_size);
1046 #endif /* ifndef _WIN32 || __OS2__ */
1047 strlcat(path, file, path_size);
1051 #endif /* ndef AMIGA */
1055 /*********************************************************************
1057 * Function : pick_from_range
1059 * Description : Pick a positive number out of a given range.
1060 * Should only be used if randomness would be nice,
1061 * but isn't really necessary.
1064 * 1 : range: Highest possible number to pick.
1066 * Returns : Picked number.
1068 *********************************************************************/
1069 long int pick_from_range(long int range)
1073 number = random() % range + 1;
1074 #elif defined(FEATURE_PTHREAD)
1075 pthread_mutex_lock(&rand_mutex);
1076 number = rand() % (long int)(range + 1);
1077 pthread_mutex_unlock(&rand_mutex);
1081 * On Windows and mingw32 srand() has to be called in every
1082 * rand()-using thread, but can cause crashes if it's not
1085 * Currently we don't have mutexes for mingw32, and for
1086 * our purpose this cludge is probably preferable to crashes.
1088 log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Using weak \'randomization\' factor.");
1089 number = (range + GetCurrentThreadId() % range) / 2;
1092 * XXX: Which platforms reach this and are there
1093 * better options than just using rand() and hoping
1096 log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization might cause "
1097 "crashes, predictable results or even combine these fine options.");
1098 number = rand() % (long int)(range + 1);
1099 #endif /* def _WIN32 */
1101 #endif /* (def HAVE_RANDOM) */
1107 #ifndef HAVE_STRLCAT
1108 /*********************************************************************
1110 * Function : privoxy_strlcat
1112 * Description : strlcat(3) look-alike for those without decent libc.
1115 * 1 : destination: C string.
1116 * 2 : source: String to copy.
1117 * 3 : size: Size of destination buffer.
1119 * Returns : The length of the string that strlcat tried to create.
1121 *********************************************************************/
1122 size_t privoxy_strlcat(char *destination, const char *source, const size_t size)
1124 const size_t old_length = strlen(destination);
1125 return old_length + strlcpy(destination + old_length, source, size - old_length);
1127 #endif /* ndef HAVE_STRLCAT */
1130 #if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
1131 /*********************************************************************
1135 * Description : libc replacement function for the inverse of gmtime().
1136 * Copyright (C) 2004 Free Software Foundation, Inc.
1138 * Code originally copied from GnuPG, modifications done
1139 * for Privoxy: style changed, minor memory leak plugged,
1140 * last putenv() call adjusted to work on mingw32.
1142 * XXX: It's very unlikely to happen, but if the malloc()
1143 * call fails the time zone will be permanently set to UTC.
1146 * 1 : tm: Broken-down time struct.
1148 * Returns : tm converted into time_t seconds.
1150 *********************************************************************/
1151 time_t timegm(struct tm *tm)
1156 zone = getenv("TZ");
1159 answer = mktime(tm);
1164 old_zone = malloc(3 + strlen(zone) + 1);
1167 strcpy(old_zone, "TZ=");
1168 strcat(old_zone, zone);
1175 #ifdef HAVE_UNSETENV
1185 #endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
1188 #ifndef HAVE_SNPRINTF
1190 * What follows is a portable snprintf routine, written by Mark Martinec.
1191 * See: http://www.ijs.si/software/snprintf/
1194 - a portable implementation of snprintf,
1195 including vsnprintf.c, asnprintf, vasnprintf, asprintf, vasprintf
1197 snprintf is a routine to convert numeric and string arguments to
1198 formatted strings. It is similar to sprintf(3) provided in a system's
1199 C library, yet it requires an additional argument - the buffer size -
1200 and it guarantees never to store anything beyond the given buffer,
1201 regardless of the format or arguments to be formatted. Some newer
1202 operating systems do provide snprintf in their C library, but many do
1203 not or do provide an inadequate (slow or idiosyncratic) version, which
1204 calls for a portable implementation of this routine.
1208 Mark Martinec <mark.martinec@ijs.si>, April 1999, June 2000
1209 Copyright © 1999, Mark Martinec
1213 #define PORTABLE_SNPRINTF_VERSION_MAJOR 2
1214 #define PORTABLE_SNPRINTF_VERSION_MINOR 2
1216 #if defined(NEED_ASPRINTF) || defined(NEED_ASNPRINTF) || defined(NEED_VASPRINTF) || defined(NEED_VASNPRINTF)
1217 # if defined(NEED_SNPRINTF_ONLY)
1218 # undef NEED_SNPRINTF_ONLY
1220 # if !defined(PREFER_PORTABLE_SNPRINTF)
1221 # define PREFER_PORTABLE_SNPRINTF
1225 #if defined(SOLARIS_BUG_COMPATIBLE) && !defined(SOLARIS_COMPATIBLE)
1226 #define SOLARIS_COMPATIBLE
1229 #if defined(HPUX_BUG_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1230 #define HPUX_COMPATIBLE
1233 #if defined(DIGITAL_UNIX_BUG_COMPATIBLE) && !defined(DIGITAL_UNIX_COMPATIBLE)
1234 #define DIGITAL_UNIX_COMPATIBLE
1237 #if defined(PERL_BUG_COMPATIBLE) && !defined(PERL_COMPATIBLE)
1238 #define PERL_COMPATIBLE
1241 #if defined(LINUX_BUG_COMPATIBLE) && !defined(LINUX_COMPATIBLE)
1242 #define LINUX_COMPATIBLE
1245 #include <sys/types.h>
1256 #define isdigit(c) ((c) >= '0' && (c) <= '9')
1258 /* For copying strings longer or equal to 'breakeven_point'
1259 * it is more efficient to call memcpy() than to do it inline.
1260 * The value depends mostly on the processor architecture,
1261 * but also on the compiler and its optimization capabilities.
1262 * The value is not critical, some small value greater than zero
1263 * will be just fine if you don't care to squeeze every drop
1264 * of performance out of the code.
1266 * Small values favor memcpy, large values favor inline code.
1268 #if defined(__alpha__) || defined(__alpha)
1269 # define breakeven_point 2 /* AXP (DEC Alpha) - gcc or cc or egcs */
1271 #if defined(__i386__) || defined(__i386)
1272 # define breakeven_point 12 /* Intel Pentium/Linux - gcc 2.96 */
1275 # define breakeven_point 10 /* HP-PA - gcc */
1277 #if defined(__sparc__) || defined(__sparc)
1278 # define breakeven_point 33 /* Sun Sparc 5 - gcc 2.8.1 */
1281 /* some other values of possible interest: */
1282 /* #define breakeven_point 8 */ /* VAX 4000 - vaxc */
1283 /* #define breakeven_point 19 */ /* VAX 4000 - gcc 2.7.0 */
1285 #ifndef breakeven_point
1286 # define breakeven_point 6 /* some reasonable one-size-fits-all value */
1289 #define fast_memcpy(d,s,n) \
1290 { register size_t nn = (size_t)(n); \
1291 if (nn >= breakeven_point) memcpy((d), (s), nn); \
1292 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1293 register char *dd; register const char *ss; \
1294 for (ss=(s), dd=(d); nn>0; nn--) *dd++ = *ss++; } }
1296 #define fast_memset(d,c,n) \
1297 { register size_t nn = (size_t)(n); \
1298 if (nn >= breakeven_point) memset((d), (int)(c), nn); \
1299 else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
1300 register char *dd; register const int cc=(int)(c); \
1301 for (dd=(d); nn>0; nn--) *dd++ = cc; } }
1305 #if defined(NEED_ASPRINTF)
1306 int asprintf (char **ptr, const char *fmt, /*args*/ ...);
1308 #if defined(NEED_VASPRINTF)
1309 int vasprintf (char **ptr, const char *fmt, va_list ap);
1311 #if defined(NEED_ASNPRINTF)
1312 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...);
1314 #if defined(NEED_VASNPRINTF)
1315 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap);
1318 #if defined(HAVE_SNPRINTF)
1319 /* declare our portable snprintf routine under name portable_snprintf */
1320 /* declare our portable vsnprintf routine under name portable_vsnprintf */
1322 /* declare our portable routines under names snprintf and vsnprintf */
1323 #define portable_snprintf snprintf
1324 #if !defined(NEED_SNPRINTF_ONLY)
1325 #define portable_vsnprintf vsnprintf
1329 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1330 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...);
1331 #if !defined(NEED_SNPRINTF_ONLY)
1332 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap);
1338 static char credits[] = "\n\
1339 @(#)snprintf.c, v2.2: Mark Martinec, <mark.martinec@ijs.si>\n\
1340 @(#)snprintf.c, v2.2: Copyright 1999, Mark Martinec. Frontier Artistic License applies.\n\
1341 @(#)snprintf.c, v2.2: http://www.ijs.si/software/snprintf/\n";
1343 #if defined(NEED_ASPRINTF)
1344 int asprintf(char **ptr, const char *fmt, /*args*/ ...) {
1350 va_start(ap, fmt); /* measure the required size */
1351 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1353 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1354 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1355 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1359 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1361 assert(str_l2 == str_l);
1367 #if defined(NEED_VASPRINTF)
1368 int vasprintf(char **ptr, const char *fmt, va_list ap) {
1374 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1375 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1378 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1379 *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
1380 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1382 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1383 assert(str_l2 == str_l);
1389 #if defined(NEED_ASNPRINTF)
1390 int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...) {
1395 va_start(ap, fmt); /* measure the required size */
1396 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
1398 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1399 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1400 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1401 if (str_m == 0) { /* not interested in resulting string, just return size */
1403 *ptr = (char *) malloc(str_m);
1404 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1408 str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1410 assert(str_l2 == str_l);
1417 #if defined(NEED_VASNPRINTF)
1418 int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap) {
1423 va_copy(ap2, ap); /* don't consume the original ap, we'll need it again */
1424 str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
1427 assert(str_l >= 0); /* possible integer overflow if str_m > INT_MAX */
1428 if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1; /* truncate */
1429 /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
1430 if (str_m == 0) { /* not interested in resulting string, just return size */
1432 *ptr = (char *) malloc(str_m);
1433 if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
1435 int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
1436 assert(str_l2 == str_l);
1444 * If the system does have snprintf and the portable routine is not
1445 * specifically required, this module produces no code for snprintf/vsnprintf.
1447 #if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
1449 #if !defined(NEED_SNPRINTF_ONLY)
1450 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1455 str_l = portable_vsnprintf(str, str_m, fmt, ap);
1461 #if defined(NEED_SNPRINTF_ONLY)
1462 int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
1464 int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap) {
1467 #if defined(NEED_SNPRINTF_ONLY)
1471 const char *p = fmt;
1473 /* In contrast with POSIX, the ISO C99 now says
1474 * that str can be NULL and str_m can be 0.
1475 * This is more useful than the old: if (str_m < 1) return -1; */
1477 #if defined(NEED_SNPRINTF_ONLY)
1483 /* if (str_l < str_m) str[str_l++] = *p++; -- this would be sufficient */
1484 /* but the following code achieves better performance for cases
1485 * where format string is long and contains few conversions */
1486 const char *q = strchr(p+1,'%');
1487 size_t n = !q ? strlen(p) : (q-p);
1488 if (str_l < str_m) {
1489 size_t avail = str_m-str_l;
1490 fast_memcpy(str+str_l, p, (n>avail?avail:n));
1494 const char *starting_p;
1495 size_t min_field_width = 0, precision = 0;
1496 int zero_padding = 0, precision_specified = 0, justify_left = 0;
1497 int alternate_form = 0, force_sign = 0;
1498 int space_for_positive = 1; /* If both the ' ' and '+' flags appear,
1499 the ' ' flag should be ignored. */
1500 char length_modifier = '\0'; /* allowed values: \0, h, l, L */
1501 char tmp[32];/* temporary buffer for simple numeric->string conversion */
1503 const char *str_arg; /* string address in case of string argument */
1504 size_t str_arg_l; /* natural field width of arg without padding
1506 unsigned char uchar_arg;
1507 /* unsigned char argument value - only defined for c conversion.
1508 N.B. standard explicitly states the char argument for
1509 the c conversion is unsigned */
1511 size_t number_of_zeros_to_pad = 0;
1512 /* number of zeros to be inserted for numeric conversions
1513 as required by the precision or minimal field width */
1515 size_t zero_padding_insertion_ind = 0;
1516 /* index into tmp where zero padding is to be inserted */
1518 char fmt_spec = '\0';
1519 /* current conversion specifier character */
1521 str_arg = credits;/* just to make compiler happy (defined but not used)*/
1523 starting_p = p; p++; /* skip '%' */
1525 while (*p == '0' || *p == '-' || *p == '+' ||
1526 *p == ' ' || *p == '#' || *p == '\'') {
1528 case '0': zero_padding = 1; break;
1529 case '-': justify_left = 1; break;
1530 case '+': force_sign = 1; space_for_positive = 0; break;
1531 case ' ': force_sign = 1;
1532 /* If both the ' ' and '+' flags appear, the ' ' flag should be ignored */
1533 #ifdef PERL_COMPATIBLE
1534 /* ... but in Perl the last of ' ' and '+' applies */
1535 space_for_positive = 1;
1538 case '#': alternate_form = 1; break;
1543 /* If the '0' and '-' flags both appear, the '0' flag should be ignored. */
1545 /* parse field width */
1548 p++; j = va_arg(ap, int);
1549 if (j >= 0) min_field_width = j;
1550 else { min_field_width = -j; justify_left = 1; }
1551 } else if (isdigit((int)(*p))) {
1552 /* size_t could be wider than unsigned int;
1553 make sure we treat argument like common implementations do */
1554 unsigned int uj = *p++ - '0';
1555 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1556 min_field_width = uj;
1558 /* parse precision */
1560 p++; precision_specified = 1;
1562 int j = va_arg(ap, int);
1564 if (j >= 0) precision = j;
1566 precision_specified = 0; precision = 0;
1568 * Solaris 2.6 man page claims that in this case the precision
1569 * should be set to 0. Digital Unix 4.0, HPUX 10 and BSD man page
1570 * claim that this case should be treated as unspecified precision,
1571 * which is what we do here.
1574 } else if (isdigit((int)(*p))) {
1575 /* size_t could be wider than unsigned int;
1576 make sure we treat argument like common implementations do */
1577 unsigned int uj = *p++ - '0';
1578 while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
1582 /* parse 'h', 'l' and 'll' length modifiers */
1583 if (*p == 'h' || *p == 'l') {
1584 length_modifier = *p; p++;
1585 if (length_modifier == 'l' && *p == 'l') { /* double l = long long */
1586 #ifdef SNPRINTF_LONGLONG_SUPPORT
1587 length_modifier = '2'; /* double l encoded as '2' */
1589 length_modifier = 'l'; /* treat it as a single 'l' */
1595 /* common synonyms: */
1597 case 'i': fmt_spec = 'd'; break;
1598 case 'D': fmt_spec = 'd'; length_modifier = 'l'; break;
1599 case 'U': fmt_spec = 'u'; length_modifier = 'l'; break;
1600 case 'O': fmt_spec = 'o'; length_modifier = 'l'; break;
1603 /* get parameter value, do initial processing */
1605 case '%': /* % behaves similar to 's' regarding flags and field widths */
1606 case 'c': /* c behaves similar to 's' regarding flags and field widths */
1608 length_modifier = '\0'; /* wint_t and wchar_t not supported */
1609 /* the result of zero padding flag with non-numeric conversion specifier*/
1610 /* is undefined. Solaris and HPUX 10 does zero padding in this case, */
1611 /* Digital Unix and Linux does not. */
1612 #if !defined(SOLARIS_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
1613 zero_padding = 0; /* turn zero padding off for string conversions */
1620 int j = va_arg(ap, int);
1621 uchar_arg = (unsigned char) j; /* standard demands unsigned char */
1622 str_arg = (const char *) &uchar_arg;
1626 str_arg = va_arg(ap, const char *);
1627 if (!str_arg) str_arg_l = 0;
1628 /* make sure not to address string beyond the specified precision !!! */
1629 else if (!precision_specified) str_arg_l = strlen(str_arg);
1630 /* truncate string if necessary as requested by precision */
1631 else if (precision == 0) str_arg_l = 0;
1633 /* memchr on HP does not like n > 2^31 !!! */
1634 const char *q = memchr(str_arg, '\0',
1635 precision <= 0x7fffffff ? precision : 0x7fffffff);
1636 str_arg_l = !q ? precision : (q-str_arg);
1642 case 'd': case 'u': case 'o': case 'x': case 'X': case 'p': {
1643 /* NOTE: the u, o, x, X and p conversion specifiers imply
1644 the value is unsigned; d implies a signed value */
1647 /* 0 if numeric argument is zero (or if pointer is NULL for 'p'),
1648 +1 if greater than zero (or nonzero for unsigned arguments),
1649 -1 if negative (unsigned argument is never negative) */
1651 int int_arg = 0; unsigned int uint_arg = 0;
1652 /* only defined for length modifier h, or for no length modifiers */
1654 long int long_arg = 0; unsigned long int ulong_arg = 0;
1655 /* only defined for length modifier l */
1657 void *ptr_arg = NULL;
1658 /* pointer argument value -only defined for p conversion */
1660 #ifdef SNPRINTF_LONGLONG_SUPPORT
1661 long long int long_long_arg = 0;
1662 unsigned long long int ulong_long_arg = 0;
1663 /* only defined for length modifier ll */
1665 if (fmt_spec == 'p') {
1666 /* HPUX 10: An l, h, ll or L before any other conversion character
1667 * (other than d, i, u, o, x, or X) is ignored.
1669 * not specified, but seems to behave as HPUX does.
1670 * Solaris: If an h, l, or L appears before any other conversion
1671 * specifier (other than d, i, u, o, x, or X), the behavior
1672 * is undefined. (Actually %hp converts only 16-bits of address
1673 * and %llp treats address as 64-bit data which is incompatible
1674 * with (void *) argument on a 32-bit system).
1676 #ifdef SOLARIS_COMPATIBLE
1677 # ifdef SOLARIS_BUG_COMPATIBLE
1678 /* keep length modifiers even if it represents 'll' */
1680 if (length_modifier == '2') length_modifier = '\0';
1683 length_modifier = '\0';
1685 ptr_arg = va_arg(ap, void *);
1686 if (ptr_arg != NULL) arg_sign = 1;
1687 } else if (fmt_spec == 'd') { /* signed */
1688 switch (length_modifier) {
1691 /* It is non-portable to specify a second argument of char or short
1692 * to va_arg, because arguments seen by the called function
1693 * are not char or short. C converts char and short arguments
1694 * to int before passing them to a function.
1696 int_arg = va_arg(ap, int);
1697 if (int_arg > 0) arg_sign = 1;
1698 else if (int_arg < 0) arg_sign = -1;
1701 long_arg = va_arg(ap, long int);
1702 if (long_arg > 0) arg_sign = 1;
1703 else if (long_arg < 0) arg_sign = -1;
1705 #ifdef SNPRINTF_LONGLONG_SUPPORT
1707 long_long_arg = va_arg(ap, long long int);
1708 if (long_long_arg > 0) arg_sign = 1;
1709 else if (long_long_arg < 0) arg_sign = -1;
1713 } else { /* unsigned */
1714 switch (length_modifier) {
1717 uint_arg = va_arg(ap, unsigned int);
1718 if (uint_arg) arg_sign = 1;
1721 ulong_arg = va_arg(ap, unsigned long int);
1722 if (ulong_arg) arg_sign = 1;
1724 #ifdef SNPRINTF_LONGLONG_SUPPORT
1726 ulong_long_arg = va_arg(ap, unsigned long long int);
1727 if (ulong_long_arg) arg_sign = 1;
1732 str_arg = tmp; str_arg_l = 0;
1734 * For d, i, u, o, x, and X conversions, if precision is specified,
1735 * the '0' flag should be ignored. This is so with Solaris 2.6,
1736 * Digital UNIX 4.0, HPUX 10, Linux, FreeBSD, NetBSD; but not with Perl.
1738 #ifndef PERL_COMPATIBLE
1739 if (precision_specified) zero_padding = 0;
1741 if (fmt_spec == 'd') {
1742 if (force_sign && arg_sign >= 0)
1743 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1744 /* leave negative numbers for sprintf to handle,
1745 to avoid handling tricky cases like (short int)(-32768) */
1746 #ifdef LINUX_COMPATIBLE
1747 } else if (fmt_spec == 'p' && force_sign && arg_sign > 0) {
1748 tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
1750 } else if (alternate_form) {
1751 if (arg_sign != 0 && (fmt_spec == 'x' || fmt_spec == 'X') )
1752 { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = fmt_spec; }
1753 /* alternate form should have no effect for p conversion, but ... */
1754 #ifdef HPUX_COMPATIBLE
1755 else if (fmt_spec == 'p'
1756 /* HPUX 10: for an alternate form of p conversion,
1757 * a nonzero result is prefixed by 0x. */
1758 #ifndef HPUX_BUG_COMPATIBLE
1759 /* Actually it uses 0x prefix even for a zero value. */
1762 ) { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = 'x'; }
1765 zero_padding_insertion_ind = str_arg_l;
1766 if (!precision_specified) precision = 1; /* default precision is 1 */
1767 if (precision == 0 && arg_sign == 0
1768 #if defined(HPUX_BUG_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1770 /* HPUX 10 man page claims: With conversion character p the result of
1771 * converting a zero value with a precision of zero is a null string.
1772 * Actually HP returns all zeroes, and Linux returns "(nil)". */
1775 /* converted to null string */
1776 /* When zero value is formatted with an explicit precision 0,
1777 the resulting formatted string is empty (d, i, u, o, x, X, p). */
1779 char f[5]; int f_l = 0;
1780 f[f_l++] = '%'; /* construct a simple format string for sprintf */
1781 if (!length_modifier) { }
1782 else if (length_modifier=='2') { f[f_l++] = 'l'; f[f_l++] = 'l'; }
1783 else f[f_l++] = length_modifier;
1784 f[f_l++] = fmt_spec; f[f_l++] = '\0';
1785 if (fmt_spec == 'p') str_arg_l += sprintf(tmp+str_arg_l, f, ptr_arg);
1786 else if (fmt_spec == 'd') { /* signed */
1787 switch (length_modifier) {
1789 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, int_arg); break;
1790 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, long_arg); break;
1791 #ifdef SNPRINTF_LONGLONG_SUPPORT
1792 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,long_long_arg); break;
1795 } else { /* unsigned */
1796 switch (length_modifier) {
1798 case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, uint_arg); break;
1799 case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, ulong_arg); break;
1800 #ifdef SNPRINTF_LONGLONG_SUPPORT
1801 case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,ulong_long_arg);break;
1805 /* include the optional minus sign and possible "0x"
1806 in the region before the zero padding insertion point */
1807 if (zero_padding_insertion_ind < str_arg_l &&
1808 tmp[zero_padding_insertion_ind] == '-') {
1809 zero_padding_insertion_ind++;
1811 if (zero_padding_insertion_ind+1 < str_arg_l &&
1812 tmp[zero_padding_insertion_ind] == '0' &&
1813 (tmp[zero_padding_insertion_ind+1] == 'x' ||
1814 tmp[zero_padding_insertion_ind+1] == 'X') ) {
1815 zero_padding_insertion_ind += 2;
1818 { size_t num_of_digits = str_arg_l - zero_padding_insertion_ind;
1819 if (alternate_form && fmt_spec == 'o'
1820 #ifdef HPUX_COMPATIBLE /* ("%#.o",0) -> "" */
1823 #ifdef DIGITAL_UNIX_BUG_COMPATIBLE /* ("%#o",0) -> "00" */
1825 /* unless zero is already the first character */
1826 && !(zero_padding_insertion_ind < str_arg_l
1827 && tmp[zero_padding_insertion_ind] == '0')
1829 ) { /* assure leading zero for alternate-form octal numbers */
1830 if (!precision_specified || precision < num_of_digits+1) {
1831 /* precision is increased to force the first character to be zero,
1832 except if a zero value is formatted with an explicit precision
1834 precision = num_of_digits+1; precision_specified = 1;
1837 /* zero padding to specified precision? */
1838 if (num_of_digits < precision)
1839 number_of_zeros_to_pad = precision - num_of_digits;
1841 /* zero padding to specified minimal field width? */
1842 if (!justify_left && zero_padding) {
1843 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1844 if (n > 0) number_of_zeros_to_pad += n;
1848 default: /* unrecognized conversion specifier, keep format string as-is*/
1849 zero_padding = 0; /* turn zero padding off for non-numeric convers. */
1850 #ifndef DIGITAL_UNIX_COMPATIBLE
1851 justify_left = 1; min_field_width = 0; /* reset flags */
1853 #if defined(PERL_COMPATIBLE) || defined(LINUX_COMPATIBLE)
1854 /* keep the entire format string unchanged */
1855 str_arg = starting_p; str_arg_l = p - starting_p;
1856 /* well, not exactly so for Linux, which does something inbetween,
1857 * and I don't feel an urge to imitate it: "%+++++hy" -> "%+y" */
1859 /* discard the unrecognized conversion, just keep *
1860 * the unrecognized conversion character */
1861 str_arg = p; str_arg_l = 0;
1863 if (*p) str_arg_l++; /* include invalid conversion specifier unchanged
1864 if not at end-of-string */
1867 if (*p) p++; /* step over the just processed conversion specifier */
1868 /* insert padding to the left as requested by min_field_width;
1869 this does not include the zero padding in case of numerical conversions*/
1870 if (!justify_left) { /* left padding with blank or zero */
1871 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1873 if (str_l < str_m) {
1874 size_t avail = str_m-str_l;
1875 fast_memset(str+str_l, (zero_padding?'0':' '), (n>avail?avail:n));
1880 /* zero padding as requested by the precision or by the minimal field width
1881 * for numeric conversions required? */
1882 if (number_of_zeros_to_pad <= 0) {
1883 /* will not copy first part of numeric right now, *
1884 * force it to be copied later in its entirety */
1885 zero_padding_insertion_ind = 0;
1887 /* insert first part of numerics (sign or '0x') before zero padding */
1888 int n = zero_padding_insertion_ind;
1890 if (str_l < str_m) {
1891 size_t avail = str_m-str_l;
1892 fast_memcpy(str+str_l, str_arg, (n>avail?avail:n));
1896 /* insert zero padding as requested by the precision or min field width */
1897 n = number_of_zeros_to_pad;
1899 if (str_l < str_m) {
1900 size_t avail = str_m-str_l;
1901 fast_memset(str+str_l, '0', (n>avail?avail:n));
1906 /* insert formatted string
1907 * (or as-is conversion specifier for unknown conversions) */
1908 { int n = str_arg_l - zero_padding_insertion_ind;
1910 if (str_l < str_m) {
1911 size_t avail = str_m-str_l;
1912 fast_memcpy(str+str_l, str_arg+zero_padding_insertion_ind,
1918 /* insert right padding */
1919 if (justify_left) { /* right blank padding to the field width */
1920 int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
1922 if (str_l < str_m) {
1923 size_t avail = str_m-str_l;
1924 fast_memset(str+str_l, ' ', (n>avail?avail:n));
1931 #if defined(NEED_SNPRINTF_ONLY)
1934 if (str_m > 0) { /* make sure the string is null-terminated
1935 even at the expense of overwriting the last character
1936 (shouldn't happen, but just in case) */
1937 str[str_l <= str_m-1 ? str_l : str_m-1] = '\0';
1939 /* Return the number of characters formatted (excluding trailing null
1940 * character), that is, the number of characters that would have been
1941 * written to the buffer if it were large enough.
1943 * The value of str_l should be returned, but str_l is of unsigned type
1944 * size_t, and snprintf is int, possibly leading to an undetected
1945 * integer overflow, resulting in a negative return value, which is illegal.
1946 * Both XSH5 and ISO C99 (at least the draft) are silent on this issue.
1947 * Should errno be set to EOVERFLOW and EOF returned in this case???
1952 #endif /* ndef HAVE_SNPRINTF */